Sedona Conference

The Sedona Conference Has an Updated Glossary (Again): eDiscovery Best Practices

Just when I need a topic for a Monday, The Sedona Conference® (TSC) delivers!  Last Friday, TSC and its Technology Resource Panel announced the publication of The Sedona Conference Glossary, eDiscovery & Digital Information Management, Fifth Edition.

This Fifth Edition, encompassing 130 pages and nearly 800 definitions, reflects the rapid expansion of privacy and data security laws and regulations. It incorporates new definitions related to Big Data, GDPR, and the science of Technology-Assisted Review; deletes outdated terms; and updates others in response to evolving technology and case law.  From “30(b)(6)” and “Ablate”, which is to burn laser-readable “pits” into the recorded layer of optical disks, DVD-ROMs and CD-ROMs (obvy!) to “Zombie Cookies” and “Zone OCR”, this Glossary covers it all.

Do you know what “Basic Input Output System (BIOS)” is?  How about a “Data Lake”?  Or the Federal Information Processing Standards (FIPS)?  What about “Harvesting”? (which can be done any time of year, by the way).  Do you know for which term “Make-Available Production” is synonymous?  Do you know what “Sentiment Analysis” is?  No, it has nothing to do with studying romantic movies. Do you know what “Thread Suppression” is?  Those, and many more, definitions are in this Glossary.

As I noted above, this is the Fifth(!) edition of the glossary.  The original was all the way back in May 2005 and there have been subsequent editions in December 2007, September 2010 and April 2014.

You can download a copy of the Glossary here (login required, which is free).

So, what do you think?  Are you up on your electronic discovery terms?  If not, now you can be!  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Here’s Another Updated Commentary from The Sedona Conference: eDiscovery Best Practices

Last Friday, we covered one updated commentary from The Sedona Conference® (TSC) and promised to cover another one this week.  Consider our promise kept!  :o)

On January 10, TSC and its Working Group 11 on Data Security and Privacy Liability (WG11) announced the publication of the January 2020 final version of The Sedona Conference Incident Response Guide.

The mission of WG11 is to identify and comment on trends in data security and privacy law in an effort to help organizations prepare for and respond to data breaches, and to assist attorneys and judicial officers in resolving questions of legal liability and damages.  WG11 developed the Incident Response Guide to provide a comprehensive but practical guide to help practitioners and organizations deal with the multitude of legal, technical, and policy issues that arise whenever a data breach occurs.

The Incident Response Guide is intended to help organizations prepare and implement an incident response plan and, more generally, to understand the information that drives the development of such a plan. It has been created by thought leaders in the industry and reflects both the practical lessons learned and legal experience gained by the drafters from direct experience responding to incidents, from representation of affected clients, and from the promulgation of rules and guidelines on national and international levels, and is intended to provide general guidance on the topic.

A couple of interesting and curious things about this guide, compared to other TSC guides we’ve covered in the past:

  • The Public Comment version of the Guide was developed way back in March 2018, almost two years ago
  • The guide starts on page 124 and goes to page 262?!? At least in the version I just downloaded this weekend.  Hmmm…

Regardless, there are essentially seven parts in the 139-page(!) (PDF) Commentary (after the Introduction, Part I), plus six appendices.  The Guide covers various topics like pre-incident planning, the incident response plan and executing it, key collateral issues and basic notification requirements.  The appendices include a Model Incident Response Plan and Model Notification Letter and Model Attorney General Breach Notification examples.

You can download a copy of the Commentary here (login required, which is free).  BTW, do you know how many states have security breach notification laws?  You might be surprised!

So, what do you think?  Does your organization have a incident response plan for data security?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Sedona Conference Has an Updated Commentary on Rule 45 Subpoenas to Non-Parties: eDiscovery Best Practices

So many stories, so little time.  Been meaning to cover this for a few days now.  Last week, The Sedona Conference® (TSC) and its Working Group 1 on Electronic Document Retention & Production (WG1) announced the publication of the Public Comment Version of The Sedona Conference Commentary on Rule 45 Subpoenas to Non-Parties, Second Edition.

In 2008, TSC published its first edition of this Commentary, then titled Commentary on Non-Party Production & Rule 45 Subpoenas.  That was 12 years ago!  Even our blog didn’t exist back then.  As you can imagine, much has changed since then, including:

  • Federal Rule of Civil Procedure 45 was substantially revised in 2013;
  • the 2015 amendments to the Federal Rules of Civil Procedure, while not further revising Rule 45 directly, significantly affect non-party practice;
  • Federal Rule of Evidence 502 was enacted in 2008 (subsequent to the publication of the first edition of this Commentary);
  • The Sedona Principles, Third Edition: Best Practices, Recommendations & Principles for Addressing Electronic Document Production was published in 2017 (we covered it here); and
  • the rise in cloud computing has placed large amounts of party data in the hands of non-parties, leading to increased use of Rule 45 subpoenas. That in turn has led to a significant growth in the case law under Rule 45 since the first edition. Here are a few examples we’ve covered in the past couple of years: Williams v. Angie’s List, Ronnie Van Zant, Inc. v. Pyle, Apex Colors, Inc. v. Chemworld Int’l Ltd., Inc., Shenwick v. Twitter, Inc., Fair v. Commc’ns Unlimited Inc., Shamrock-Shamrock, Inc. v. Remark.

There are essentially five parts in the 49-page (PDF) Commentary (after the Introduction, Part I).  Part II covers Rule Changes and Their Impact on Non-Party Discovery.  Part III covers The Possession, Custody, and Control Framework and Its Impact on Rule 45 Obligations (which has factored in several of the cases listed above).  Part IV discusses Preservation obligations, prior to and after receipt of a subpoena and remedies for spoliation.  Part V discusses Rule 45(d) Costs, Sanctions, and Motion Practice.  And, Part VI discusses Rule 45 Practice Pointers.   There are no Appendices.

You can download a copy of the Commentary here (login required, which is free).  The Commentary is open for public comment through March 6, 2020. Questions and comments on the Commentary are welcome and may be sent to comments@sedonaconference.org.  In particular, please share your comments on Section III’s discussion of viewing non-party subpoenas through the lens of “possession, custody or control” principles as well as Section VI’s sixteen Practice Pointers. The drafting team will carefully consider all comments received, and determine what edits are appropriate for the final version.

TSC has been busy!  We’ll cover another publication that was just released a few days ago early next week.

So, what do you think?  How does your organization address subpoenas of non-parties in litigation today?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Another Commentary from The Sedona Conference: eDiscovery Best Practices

The Sedona Conference® (TSC) Conference and its Working Group 1 on Electronic Document Retention & Production (WG1) have yet another publication to announce in 2018.  Last week, TSC’s WG1 group announced a new second edition commentary on Legal Holds.

Thursday, TSC’s WG1 group announced its Commentary on Legal Holds, Second Edition: The Trigger & The Process.  Much has changed in the law and technology since The Sedona Conference published the First Edition of this Commentary back in September 2010 (hey, that’s when this blog was founded!). This Second Edition of the Commentary on Legal Holds, which provides practical guidelines for determining when the duty to preserve relevant information arises as well as the scope of preservation, reflects:

  • the 2015 amendments emphasizing the proper scope of discovery and the enhanced role of proportionality in preservation, as well as sharpening the analysis of sanctions for the loss of discoverable electronically stored information (ESI);
  • clarification of the duty of a non-party to respond to a subpoena compared to the duty to preserve information;
  • new guidance on how organizations should address data protection laws and regulations that may affect an organization’s ability to implement legal hold data preservation measures outside of the United States;
  • developments in state and federal case law on preservation and spoliation;
  • new and novel sources of ESI requiring preservation and collection; and
  • advances in electronic document management technology.

Importantly, this Second Edition incorporates the knowledge and guidance embodied in the updated Third Edition of The Sedona Principles.

This Commentary is contained within a manageable 43 page PDF document and, as many good TSC commentaries do, includes several guidelines “to help a party meet its duty to preserve discoverable information and to provide pragmatic suggestions and a framework for creating a set of preservation procedures.”  Here they are:

Guideline 1: A reasonable anticipation of litigation arises when an organization is on notice of a credible probability that it will become involved in litigation, seriously contemplates initiating litigation, or when it takes specific actions to commence litigation.

Guideline 2: Adopting and consistently following a policy governing an organization’s preservation obligations are factors that may demonstrate reasonableness and good faith.

Guideline 3: Adopting a procedure for reporting information relating to possible litigation to a responsible decision maker may assist in demonstrating reasonableness and good faith.

Guideline 4: Determining whether litigation is or should be reasonably anticipated should be based on a good-faith and reasonable evaluation of relevant facts and circumstances.

Guideline 5: Evaluating an organization’s preservation decisions should be based on the good faith and reasonableness of the decisions (including whether a legal hold is necessary and how it should be implemented) at the time they are made.

Guideline 6: Fulfilling the duty to preserve involves reasonable and good-faith efforts, taken as soon as is practicable and applied proportionately, to identify persons likely to have information relevant to the claims and defenses in the matter and, as necessary, notify them of their obligation to preserve that information.

Guideline 7: Factors that may be considered in determining the scope of information that should be preserved include the nature of the issues raised in the matter, the accessibility of the information, the probative value of the information, and the relative burdens and costs of the preservation effort.

Guideline 8: In circumstances where issuing a legal hold notice is appropriate, such a notice is most effective when the organization identifies the custodians and data stewards most likely to have discoverable information, and when the notice:

(a) communicates in a manner that assists persons in taking actions that are, in good faith, intended to be effective;

(b) is in an appropriate form, which may be written, and may be sent by email;

(c) provides information on how preservation is to be undertaken, and identifies individuals who can answer questions about preservation;

(d) includes a mechanism for the recipient to acknowledge that the notice has been received, read, and understood;

(e) addresses features of discoverable information systems that may make preservation of discoverable information more complex (e.g., auto delete functionality that should be suspended, or small sections of elaborate ac-counting or operational databases);

(f) is periodically reviewed and amended when necessary; and

(g) is followed up by periodic reminder notices, so the legal hold stays fresh in the minds of the recipients.43

Guideline 9: An organization should consider documenting the procedure of implementing the legal hold in a specific case when appropriate.

Guideline 10: Compliance with a legal hold should be regularly monitored.

Guideline 11: Any legal hold process should include provisions for releasing the hold upon the termination of the duty to preserve, so that the organization can resume adherence to policies for managing information through its useful life cycle in the absence of a legal hold.

Guideline 12: An organization should be mindful of local data protection laws and regulations when initiating a legal hold and planning a legal hold policy outside of the United States.

The Sedona Conference Commentary on Legal Holds, Second Edition: The Trigger & The Process is open for public comment through February 8, 2019. As always, questions and comments regarding the Commentary may be sent to comments@sedonaconference.org and the drafting team will carefully consider all comments received and determine what edits are appropriate for the final version.  You know the drill.

It’s been a busy year for The Sedona Conference® (TSC).  Earlier this year, the TSC has published the Public Comment Version of its Principles and Commentary on Defensible Disposition, the Public Comment Version of their Primer on Social Media, Second Edition (which we discussed in our panel at Relativity Fest earlier this week), the Public Comment version of its Commentary on BYOD: Principles and Guidance for Developing Policies and Meeting Discovery Obligations, the final version of its new Data Privacy Primer and its Commentary on Information Governance, Second Edition.

So, what do you think?  Does your organization have a program for Legal Holds?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Sedona Conference Has Updated its Commentary on Information Governance: eDiscovery Best Practices

It’s been a busy year for The Sedona Conference® (TSC).  Already this year, TSC has published the Public Comment Version of its Principles and Commentary on Defensible Disposition, the Public Comment Version of their Primer on Social Media, Second Edition (which we discussed in our panel at Relativity Fest earlier this week), the Public Comment version of its Commentary on BYOD: Principles and Guidance for Developing Policies and Meeting Discovery Obligations and the final version of its new Data Privacy Primer.  Now, TSC is releasing an update to its 2014 commentary on Information Governance.

On Wednesday, TSC and its Working Group 1 on Electronic Document Retention & Production (WG1) announced the publication of the Public Comment Version of The Sedona Conference Commentary on Information Governance, Second Edition.  In 2014, The Sedona Conference published its first edition of the Commentary on Information Governance which recommended a top-down, overarching framework guided by the requirements and goals of all stakeholders that enables an organization to make decisions about information for the good of the overall organization and consistent with senior management’s strategic directions.

This Second Edition of the Commentary accounts for the changes and advances in technology and law over the past four years; underscores the role of IG as part of and complimentary to the business, rather than something separate that adds overhead; and emphasizes the costs of eDiscovery which should drive organizations to focus on IG on the front end, resulting in eDiscovery that is more efficient, less painful, and which allows the organization to reap additional benefits from a business perspective. Additionally, this Second Edition also incorporates the knowledge and guidance embodied in the new and updated Sedona commentaries since 2014 such as The Sedona Principles, Third Edition and the above referenced Principles and Commentary on Defensible Disposition, which was spawned by the work on this commentary.

The structure is largely similar to the 2014 Commentary, with updated information in key places.  The eleven principles are virtually identical to the ones from 2014 (only principles 3 and 7 have slight word changes), so the foundation remains the same.  The eleven principles are:

  1. Organizations should consider implementing an Information Governance program to make coordinated, proactive decisions about information for the benefit of the overall organization that address information-related requirements and manage risks while optimizing value.
  2. An Information Governance program should maintain sufficient independence from any particular department or division to ensure that decisions are made for the benefit of the overall organization.
  3. All stakeholders’ views/needs should be represented in an organization’s Information Governance program.
  4. The strategic objectives of an organization’s Information Governance program should be based upon a comprehensive assessment of information-related practices, requirements, risks, and opportunities.
  5. An Information Governance program should be established with the structure, direction, resources, and accountability to provide reasonable assurance that the program’s objectives will be achieved.
  6. The effective, timely, and consistent disposal of physical and electronic information that no longer needs to be retained should be a core component of any Information Governance program.
  7. When Information Governance decisions require an organization to reconcile conflicting laws or obligations, the organization should act in good faith and give due respect to considerations such as data privacy, data protection, data security, records and information management (RIM), risk management, and sound business practices.
  8. If an organization has acted in good faith in its attempt to reconcile conflicting laws and obligations, a court or other authority reviewing the organization’s actions should do so under a standard of reasonableness according to the circumstances at the time such actions were taken.
  9. An organization should consider reasonable measures to maintain the integrity and availability of long-term information assets throughout their intended useful life.
  10. An organization should consider leveraging the power of new technologies in its Information Governance program.
  11. An organization should periodically review and update its Information Governance program to ensure that it continues to meet the organization’s needs as they evolve.

This Commentary is contained within a 53 page PDF file, so it’s certainly a reasonable read (less than one court case we recently covered).

The Sedona Conference Commentary on Information Governance, Second Edition is open for public comment through December 5, 2018. As always, questions and comments regarding the Commentary may be sent to comments@sedonaconference.org and the drafting team will carefully consider all comments received and determine what edits are appropriate for the final version.  You know the drill.

Also, I’m sad to pass along the news that Nigel Murray passed away a couple of nights after his two-year battle with brain cancer.  I did not know Nigel well, but, in the couple of times I encountered him (including this thought leader interview a few years ago), I found him delightful and very engaging. Craig Ball has written a wonderful tribute to Nigel on his Ball in Your Court blog here.  My condolences to his family and to all in the profession who had the good fortune to work with him or get to know him personally or professionally.

So, what do you think?  Does your organization have a formal Information Governance program?  As Tom O’Connor and I discussed in a recent webcast, many organizations don’t.  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Want to Learn More About the Sedona Conference Primer on Social Media? Check Out this Video: eDiscovery Best Practices

As we discussed earlier this month, The Sedona Conference® (TSC) and its Working Group 1 on Electronic Document Retention & Production (WG1) have announced the publication of the Public Comment Version of The Sedona Conference Primer on Social Media, Second Edition.  Want to learn more about it without reading the 58 page PDF file?  Check out this video.

On the blog Techno Gumbo which is maintained by my buddy and colleague Tom O’Connor and the Gulf Coast Legal Technology Center – “gumbo”, from New Orleans, get it? – Tom has just posted a video chat between his wife Gayle O’Connor and noted thought leader Craig Ball regarding the Primer, downloadable here.  Both Gayle and Craig have informed perspectives on the topic – Gayle, because of her experience in providing marketing assistance (including social media marketing) to attorneys and legal vendors and Craig, because of his experience as an attorney and Special Master focusing on eDiscovery issues.

Interestingly, both Craig and Gayle had high praise for the Primer.  Craig noted that he was “pleasantly surprised” and stated that it was a “very high-quality document”, “carefully thought out”, “very current”, “useful in its structure” and “tremendously balanced for the most part in terms of the interests of requesting parties and producing parties”.  Gayle noted that she was “very, very impressed in how they included everything that’s going on these days”, including updates (from the 2012 edition) to reflect the new Federal rules, the ABA guidelines regarding technical competence for attorneys and even the General Data Protection Regulation (GDPR).  Both Craig and Gayle also particularly noted coverage of messaging and messaging apps in addition to the traditional sources of social media, such as Facebook, Twitter, LinkedIn and Instagram and they discussed the challenges and considerations associated with social media in eDiscovery in general.

I won’t be “that guy” and spoil the whole conversation; instead, feel free to check out the discussion here.  Gayle has also written an article about the Primer on the ACEDS site, which you can check out here.

TSC has scheduled a webinar on the public comment version of the Primer for Wednesday, August 8, at 1 pm EDT.  You can register for the webinar here – it’s free of charge to judges, court staff, all other full-time government employees, and to accredited law schools and a minimal charge (no more than $99) for regular folks.  As for the public comment period, it’s open for public comment through September 10, 2018. Questions and comments regarding the Primer may be sent to comments@sedonaconference.org.

So, what do you think?  Do you have challenges in handling social media in litigation?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Sedona Conference Has You Primed to Learn Best Practices for Handling Social Media: eDiscovery Best Practices

As Tom O’Connor and I discussed in our webcast last month, handling social media in discovery can be challenging.  Now, The Sedona Conference® (TSC) has updated a primer to help with social media issues.

TSC and its Working Group 1 on Electronic Document Retention & Production (WG1) have announced the publication of the Public Comment Version of The Sedona Conference Primer on Social Media, Second Edition.

The first edition of the Primer was published in 2012 (light years ago in social media terms) and was designed to be a useful resource on various information governance and litigation issues, as it established a practical approach for addressing the corporate use and management of social media. Since 2012, however, there has been a proliferation of new messaging technologies and business applications, in addition to major evolution in “traditional” social media platforms like Facebook, Twitter, and LinkedIn – because they have such a long “tradition”, of course :o). There have also been significant developments in the law addressing social media and in the rules of discovery, evidence, and professional responsibility. In light of these developments, this edition of the Primer focuses exclusively on the discovery of social media in civil litigation. Therefore, WG1 recognized a compelling need to update the Primer and has prepared a public comment version of this Second Edition.

After the one-page introduction (Section I of the Primer), Section II of the Primer discusses traditional and emerging social media technologies and the discovery challenges that they present. Section III examines relevance and proportionality in the context of social media. It also explores preservation challenges, collection and search obligations, and the impact of the Stored Communications Act (“SCA”), together with review and production considerations. Section IV describes the impact of cross-border issues on social media discovery while Section V explores authentication issues. The Primer analyzes ethical issues that lawyers should consider in connection with social media discovery in Section VI before ending with a one paragraph conclusion section.  The Primer weighs in at a fairly tidy 58 page PDF file, so it’s a reasonable read.

The Primer on Social Media, Second Edition is open for public comment through September 10, 2018. Questions and comments regarding the Primer may be sent to comments@sedonaconference.org.  And, a webinar on the Primer is scheduled for Wednesday, August 8, 2018, at 1 pm EDT. Further details will be announced by email and on The Sedona Conference website once registration is open. The webinar will give you the opportunity to ask questions and provide and gain additional insight on this important topic.

To download the Primer, free of charge, click here.

So, what do you think?  Do you have challenges in handling social media in litigation?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Befuddled by BYOD? The Sedona Conference Has a New Set of Principles to Guide You: eDiscovery Best Practices

Many organizations are permitting (or even encouraging) their employees to use their own personal devices to access, create, and manage company related information – a practice commonly referred to as Bring Your Own Device (BYOD).  But, how can those organizations effectively manage those BYOD devices to meet their discovery obligations?  To help with that issue, The Sedona Conference® (TSC) has published an initial Public Comment Version of a Commentary to help.

In late January, TSC and its Working Group 1 on Electronic Document Retention and Production (WG1) rolled out the Public Comment version of its Commentary on BYOD: Principles and Guidance for Developing Policies and Meeting Discovery Obligations.  The Commentary is designed to help organizations develop and implement workable – and legally defensible – BYOD policies and practices. This Commentary also addresses how creating and storing an organization’s information on devices owned by employees impacts the organization’s discovery obligations.  It focuses specifically to mobile devices that employees “bring” to the workplace (not on other “BYO” type programs) and does not specifically address programs where the employer provides the mobile device.

The Commentary begins with five principles related to the use of BYOD programs and continues with commentary for each.  Here are the five principles:

  • Principle 1: Organizations should consider their business needs and objectives, their legal rights and obligations, and the rights and expectations of their employees when deciding whether to allow, or even require, BYOD.
  • Principle 2: An organization’s BYOD program should help achieve its business objectives while also protecting both business and personal information from unauthorized access, disclosure, and use.
  • Principle 3: Employee-owned devices that contain unique, relevant ESI should be considered sources for discovery.
  • Principle 4: An organization’s BYOD policy and practices should minimize the storage of––and facilitate the preservation and collection of––unique, relevant ESI from BYOD devices.
  • Principle 5: Employee-owned devices that do not contain unique, relevant ESI need not be considered sources for discovery.

The Commentary weighs in at a tidy 40 page PDF file, which includes a couple of appendices.  So, it’s a fairly light read, at least by TSC standards.  :o)

TSC is encouraging public comment on the Commentary on BYOD, which can be downloaded free from their website here (whether you’re a TSC member or not). They encourage Working Group Series members and others to spread the word and share the link (you’re welcome!) so they can get comments in before the public comment period closes on March 26. Questions and comments may be sent to comments@sedonaconference.org.  So, you have a chance to be heard!

Speaking of mobile devices, I’m excited to be speaking this year for the first time at the University of Florida Law E-Discovery Conference on March 29.  I’m on a panel discussion in a session titled Getting Critical Information From The Tough Locations – Cloud, IOT, Social Media, And Smartphones! with Craig Ball, Kelly Twigger, and with The Honorable Amanda Arnold Sansone, Magistrate Judge in Florida, moderating.  As always, the conference will be conducted in Gainesville, FL (as well as being livestreamed), with CLE-accredited sessions all day from 8am to 5:30pm ET, with an all-star collection of speakers.  I’ll have more to say about the conference as we get closer to it.  Click here to register!

So, what do you think?  Does your organization have a BYOD policy?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Sedona Conference Has Published the Final Version of its Data Privacy Primer: eDiscovery Best Practices

With the Microsoft Ireland case being argued before SCOTUS on February 27 and the General Data Protection Regulation (GDPR) going into effect in May (click here to register for our next webcast on that topic), it’s a big year for data privacy.  In keeping with that theme, The Sedona Conference® (TSC) has published the final version of a primer to help with this growing issue.

Last week, TSC and its Working Group 11 on Data Security and Privacy Liability (WG11) rolled out the final version of its new Data Privacy Primer, almost exactly a year after rolling out the public comment version.  This final version contains several updates following thorough consideration of the public comments submitted between January and April 2017.

WG11 developed the Data Privacy Primer to provide a practical framework and guide to basic privacy issues in the United States and to identify key considerations and resources, including key privacy concepts in federal and state law, regulations, and guidance.

As we noted last year, the Primer is “intended to provide a practical framework and guide to basic privacy issues in the United States and to identify key considerations and resources, including key privacy concepts in federal and state law, regulations, and guidance.”  The TSC notes that it focuses on privacy laws in the U.S. in this Primer and that global privacy laws are outside the scope of its coverage. It also focuses primarily on privacy issues arising under civil rather than criminal law (though criminal law implications are addressed “at various points” in the Primer).

The Primer covers topics ranging from Common Law of Privacy to Federal and State Government Laws and Act regarding privacy policies and protections to discussions of general consumer protection, health (including HIPAA) and financial protections.  It also discusses Workplace and Student privacy considerations which ranges from discussions about use of company equipment and email and bring your own device (BYOD) policies in the workplace and privacy protections for educational records.  Apparently, there were a lot of public comments, because the PDF file for the Primer has ballooned up to a whopping 175 pages (from 115 for the public comment version).  So, it’s not exactly “light” reading for a weighty topic.  :o)

So, what do you think?  How does your organization address data privacy?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

“Primed” to Learn About Rule 34 of the FRCP? Here’s a New Primer from The Sedona Conference: eDiscovery Best Practices

As Tom O’Connor and I discussed last week in our ACEDS webinar Key eDiscovery Case Law Review for First Half of 2017 (here’s a link if you missed it), we’re seeing lots of cases that relate to disputes associated with Rule 34 of the Federal Rules of Civil Procedure and disputes over things such as scope of production and proportionality, form of production and the handling of objections.  Now, The Sedona Conference® (TSC) Working Group on Electronic Document Retention & Production (WG1) has issued a public comment version of a new primer on Rule 34.

As noted in the Preface, the Federal Rule of Civil Procedure 34 Primer stems from the December 2015 changes to Rule 34, which were intended to address systemic problems in how discovery requests and responses traditionally were handled, and the observation that, over a year later, despite numerous articles, training programs, and conferences about the changes, their implementation had been mixed, at best. Along the way, several courts issued firmly-worded opinions admonishing practitioners against continuing to use overly-broad, non-particularized requests for production and unhelpful, boilerplate objections. These opinions made clear that there would be consequences for those who continue to rely on their pre-December 2015 practices, templates, boilerplate objections, and forms. In short, this Primer aims to meet the need for a framework and guidance on how to comply with the requirements of amended Rule 34.

WG1 has prepared this Rule 34 Primer with practice pointers on how to comply with the amended Rules, and it gathers advice and observations from: (1) requesting and responding parties who have successfully implemented them; and (2) legal decisions interpreting the amended Rules. Judicial opinions issued to date have given a clearer picture on how the amendments will be interpreted and implemented by the bench, and, as noted in the Introduction, any practitioner that does not adapt their practice to incorporate these amendments “does so at his or her own risk”.

After the Introduction, the Rule 34 Primer covers the 2015 Rules Amendments to Rule 34 and then the bulk of the document covers practice pointers for conferences by the parties, requests for production, responses to requests to production, court involvement and requesting and responding parties’ obligations under Rule 26(g).  The Rule 34 Primer also includes two appendices: Cases Interpreting the Specificity Requirements in Rule 34 and State Law Equivalents and Standing Orders, Guidelines, and Checklists Regarding Requests for Production and Responses to Those Requests.  The entire downloadable PDF file is a mere 29 pages, so it’s reasonably compact.

To download the Federal Rule of Civil Procedure 34 Primer, click here.  As always, it’s free!

And, as this is a public comment edition, WG1 encourages Working Group Series members and others to spread the word and share this link so they can get comments in before the public comment period closes on November 15, 2017 (done! – you’re welcome…). Questions and comments regarding the Primer before then can be sent to comments@sedonaconference.org.

So, what do you think?  Have you encountered any cases recently with “overly-broad, non-particularized requests for production” or “unhelpful, boilerplate objections”? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.